From e146fe5ef96c1522175a8e81db15d1e8879e5652 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 26 Oct 2012 14:22:07 +1100 Subject: [PATCH] pysmbd: Set umask to 0 during smbd operations --- source3/smbd/pysmbd.c | 43 ++++++++++++++++++++++++++++++++++--------- 1 file changed, 34 insertions(+), 9 deletions(-) diff --git a/source3/smbd/pysmbd.c b/source3/smbd/pysmbd.c index 9de26291d23..5e8691a8f05 100644 --- a/source3/smbd/pysmbd.c +++ b/source3/smbd/pysmbd.c @@ -43,6 +43,7 @@ static NTSTATUS set_sys_acl_no_snum(const char *fname, connection_struct *conn; NTSTATUS status = NT_STATUS_OK; int ret; + mode_t saved_umask; conn = talloc_zero(NULL, connection_struct); if (conn == NULL) { @@ -56,6 +57,10 @@ static NTSTATUS set_sys_acl_no_snum(const char *fname, return NT_STATUS_NO_MEMORY; } + /* we want total control over the permissions on created files, + so set our umask to 0 */ + saved_umask = umask(0); + conn->params->service = -1; set_conn_connectpath(conn, "/"); @@ -69,6 +74,8 @@ static NTSTATUS set_sys_acl_no_snum(const char *fname, "returned zero.\n")); } + umask(saved_umask); + conn_free(conn); return status; @@ -83,9 +90,16 @@ static NTSTATUS set_nt_acl_no_snum(const char *fname, files_struct *fsp; struct smb_filename *smb_fname = NULL; int flags; + mode_t saved_umask; + + if (!posix_locking_init(false)) { + TALLOC_FREE(frame); + return NT_STATUS_NO_MEMORY; + } conn = talloc_zero(frame, connection_struct); if (conn == NULL) { + TALLOC_FREE(frame); DEBUG(0, ("talloc failed\n")); return NT_STATUS_NO_MEMORY; } @@ -96,15 +110,6 @@ static NTSTATUS set_nt_acl_no_snum(const char *fname, return NT_STATUS_NO_MEMORY; } - conn->params->service = -1; - - set_conn_connectpath(conn, "/"); - - smbd_vfs_init(conn); - if (!posix_locking_init(false)) { - return NT_STATUS_NO_MEMORY; - } - fsp = talloc_zero(frame, struct files_struct); if (fsp == NULL) { TALLOC_FREE(frame); @@ -117,10 +122,21 @@ static NTSTATUS set_nt_acl_no_snum(const char *fname, } fsp->conn = conn; + /* we want total control over the permissions on created files, + so set our umask to 0 */ + saved_umask = umask(0); + + conn->params->service = -1; + + set_conn_connectpath(conn, "/"); + + smbd_vfs_init(conn); + status = create_synthetic_smb_fname_split(fsp, fname, NULL, &smb_fname); if (!NT_STATUS_IS_OK(status)) { TALLOC_FREE(frame); + umask(saved_umask); return status; } @@ -140,6 +156,7 @@ static NTSTATUS set_nt_acl_no_snum(const char *fname, if (fsp->fh->fd == -1) { printf("open: error=%d (%s)\n", errno, strerror(errno)); TALLOC_FREE(frame); + umask(saved_umask); return NT_STATUS_UNSUCCESSFUL; } @@ -153,6 +170,7 @@ static NTSTATUS set_nt_acl_no_snum(const char *fname, conn_free(conn); TALLOC_FREE(frame); + umask(saved_umask); return status; } @@ -297,6 +315,7 @@ static PyObject *py_smbd_chown(PyObject *self, PyObject *args) char *fname; int uid, gid; TALLOC_CTX *frame; + mode_t saved_umask; if (!PyArg_ParseTuple(args, "sii", &fname, &uid, &gid)) return NULL; @@ -314,6 +333,10 @@ static PyObject *py_smbd_chown(PyObject *self, PyObject *args) return NULL; } + /* we want total control over the permissions on created files, + so set our umask to 0 */ + saved_umask = umask(0); + conn->params->service = -1; set_conn_connectpath(conn, "/"); @@ -326,6 +349,8 @@ static PyObject *py_smbd_chown(PyObject *self, PyObject *args) DEBUG(0,("chown returned failure: %s\n", strerror(errno))); } + umask(saved_umask); + conn_free(conn); TALLOC_FREE(frame); -- 2.11.4.GIT